The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-05-10T04:00:00

Updated: 2024-08-08T00:17:14.979Z

Reserved: 2004-05-12T00:00:00

Link: CVE-2004-0462

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2004-12-31T05:00:00.000

Modified: 2024-11-20T23:48:38.397

Link: CVE-2004-0462

cve-icon Redhat

No data.